4 * The contents of this file are subject to the terms of the
5 * Common Development and Distribution License (the "License").
6 * You may not use this file except in compliance with the License.
7 *
8 * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
9 * or http://www.opensolaris.org/os/licensing.
10 * See the License for the specific language governing permissions
11 * and limitations under the License.
12 *
13 * When distributing Covered Code, include this CDDL HEADER in each
14 * file and include the License file at usr/src/OPENSOLARIS.LICENSE.
15 * If applicable, add the following below this CDDL HEADER, with the
16 * fields enclosed by brackets "[]" replaced with your own identifying
17 * information: Portions Copyright [yyyy] [name of copyright owner]
18 *
19 * CDDL HEADER END
20 */
21 /*
22 * Copyright 2009 Sun Microsystems, Inc. All rights reserved.
23 * Use is subject to license terms.
24 */
25
26 #ifndef _INET_IPSEC_IMPL_H
27 #define _INET_IPSEC_IMPL_H
28
29 #include <inet/ip.h>
30 #include <inet/ipdrop.h>
31
32 #ifdef __cplusplus
33 extern "C" {
34 #endif
35
36 #define IPSEC_CONF_SRC_ADDRESS 0 /* Source Address */
37 #define IPSEC_CONF_SRC_PORT 1 /* Source Port */
38 #define IPSEC_CONF_DST_ADDRESS 2 /* Dest Address */
39 #define IPSEC_CONF_DST_PORT 3 /* Dest Port */
40 #define IPSEC_CONF_SRC_MASK 4 /* Source Address Mask */
41 #define IPSEC_CONF_DST_MASK 5 /* Destination Address Mask */
42 #define IPSEC_CONF_ULP 6 /* Upper layer Port */
43 #define IPSEC_CONF_IPSEC_PROT 7 /* AH or ESP or AH_ESP */
768 /* ip_spd.c */
769 /* stats */
770 kstat_t *ipsec_ksp;
771 struct ipsec_kstats_s *ipsec_kstats;
772
773 /* sadb.c */
774 /* Packet dropper for generic SADB drops. */
775 ipdropper_t ipsec_sadb_dropper;
776
777 /* spd.c */
778 boolean_t ipsec_inbound_v4_policy_present;
779 boolean_t ipsec_outbound_v4_policy_present;
780 boolean_t ipsec_inbound_v6_policy_present;
781 boolean_t ipsec_outbound_v6_policy_present;
782
783 /* spd.c */
784 /*
785 * Because policy needs to know what algorithms are supported, keep the
786 * lists of algorithms here.
787 */
788 kmutex_t ipsec_alg_lock;
789
790 uint8_t ipsec_nalgs[IPSEC_NALGTYPES];
791 ipsec_alginfo_t *ipsec_alglists[IPSEC_NALGTYPES][IPSEC_MAX_ALGS];
792
793 uint8_t ipsec_sortlist[IPSEC_NALGTYPES][IPSEC_MAX_ALGS];
794
795 int ipsec_algs_exec_mode[IPSEC_NALGTYPES];
796
797 uint32_t ipsec_tun_spd_hashsize;
798 /*
799 * Tunnel policies - AVL tree indexed by tunnel name.
800 */
801 krwlock_t ipsec_tunnel_policy_lock;
802 uint64_t ipsec_tunnel_policy_gen;
803 avl_tree_t ipsec_tunnel_policies;
804
805 /* ipsec_loader.c */
806 kmutex_t ipsec_loader_lock;
807 int ipsec_loader_state;
808 int ipsec_loader_sig;
|
4 * The contents of this file are subject to the terms of the
5 * Common Development and Distribution License (the "License").
6 * You may not use this file except in compliance with the License.
7 *
8 * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
9 * or http://www.opensolaris.org/os/licensing.
10 * See the License for the specific language governing permissions
11 * and limitations under the License.
12 *
13 * When distributing Covered Code, include this CDDL HEADER in each
14 * file and include the License file at usr/src/OPENSOLARIS.LICENSE.
15 * If applicable, add the following below this CDDL HEADER, with the
16 * fields enclosed by brackets "[]" replaced with your own identifying
17 * information: Portions Copyright [yyyy] [name of copyright owner]
18 *
19 * CDDL HEADER END
20 */
21 /*
22 * Copyright 2009 Sun Microsystems, Inc. All rights reserved.
23 * Use is subject to license terms.
24 * Copyright (c) 2012 Nexenta Systems, Inc. All rights reserved.
25 */
26
27 #ifndef _INET_IPSEC_IMPL_H
28 #define _INET_IPSEC_IMPL_H
29
30 #include <inet/ip.h>
31 #include <inet/ipdrop.h>
32
33 #ifdef __cplusplus
34 extern "C" {
35 #endif
36
37 #define IPSEC_CONF_SRC_ADDRESS 0 /* Source Address */
38 #define IPSEC_CONF_SRC_PORT 1 /* Source Port */
39 #define IPSEC_CONF_DST_ADDRESS 2 /* Dest Address */
40 #define IPSEC_CONF_DST_PORT 3 /* Dest Port */
41 #define IPSEC_CONF_SRC_MASK 4 /* Source Address Mask */
42 #define IPSEC_CONF_DST_MASK 5 /* Destination Address Mask */
43 #define IPSEC_CONF_ULP 6 /* Upper layer Port */
44 #define IPSEC_CONF_IPSEC_PROT 7 /* AH or ESP or AH_ESP */
769 /* ip_spd.c */
770 /* stats */
771 kstat_t *ipsec_ksp;
772 struct ipsec_kstats_s *ipsec_kstats;
773
774 /* sadb.c */
775 /* Packet dropper for generic SADB drops. */
776 ipdropper_t ipsec_sadb_dropper;
777
778 /* spd.c */
779 boolean_t ipsec_inbound_v4_policy_present;
780 boolean_t ipsec_outbound_v4_policy_present;
781 boolean_t ipsec_inbound_v6_policy_present;
782 boolean_t ipsec_outbound_v6_policy_present;
783
784 /* spd.c */
785 /*
786 * Because policy needs to know what algorithms are supported, keep the
787 * lists of algorithms here.
788 */
789 krwlock_t ipsec_alg_lock;
790
791 uint8_t ipsec_nalgs[IPSEC_NALGTYPES];
792 ipsec_alginfo_t *ipsec_alglists[IPSEC_NALGTYPES][IPSEC_MAX_ALGS];
793
794 uint8_t ipsec_sortlist[IPSEC_NALGTYPES][IPSEC_MAX_ALGS];
795
796 int ipsec_algs_exec_mode[IPSEC_NALGTYPES];
797
798 uint32_t ipsec_tun_spd_hashsize;
799 /*
800 * Tunnel policies - AVL tree indexed by tunnel name.
801 */
802 krwlock_t ipsec_tunnel_policy_lock;
803 uint64_t ipsec_tunnel_policy_gen;
804 avl_tree_t ipsec_tunnel_policies;
805
806 /* ipsec_loader.c */
807 kmutex_t ipsec_loader_lock;
808 int ipsec_loader_state;
809 int ipsec_loader_sig;
|